Close Window
Clear's Privacy Policy (Effective April 15, 2007)
The Clear® Registered Traveler program ("Clear") is owned and operated by Verified Identity Pass, Inc., a privately held company. This program is operated in accordance with standards set and oversight conducted by the U.S. Government's Transportation Security Administration (TSA), a division of the Department of Homeland Security.
Clear explains here in detail how we protect the privacy, confidentiality, member access and data security rights of applicants and members.
If, after reading this explanation, you have questions or want further information, please contact Clear's Chief Privacy Officer.
1. WHAT INFORMATION WE COLLECT AND HOW WE USE IT
A. We ask applicants to volunteer basic information — required by the TSA for membership in this Program — to identify themselves and start the enrollment process (including information submitted online). The requested biographic data includes full name, address, and date of birth.
Applicants are not required to provide some of this information, including Social Security numbers. However, the absence of this data may delay or prevent the completion of the security assessment, without which the applicant may not be permitted to participate in this program. We urge you to supply this data and your Social Security number, and we promise to take extra precautions to protect it. For example, your Social Security number is stored in a separate facility from your biographic information that is needed for customer service issues. We have also used an extra layer of encryption to ensure the protection of your Social Security number.
The applicant is assigned an enrollment number. This information produces an initial enrollment application. Clear asks applicants to appear in-person with two forms of government-issued identification (one of which must contain a photo) - such as a passport or driver's license. We carefully examine these documents for authenticity using the latest document inspection technology to detect tampering or counterfeiting. So that we have a complete record of your application, we store in a secure database the biographical information and an image of the documents you submit to enroll.
In addition to information to be transmitted to TSA, Clear collects an applicant's credit card information for membership payment. This data is collected solely for our use. It is not transmitted to or shared with TSA, and TSA does not require its collection. As an extra precaution, your credit card information is stored in a separate facility from the biographic information that is transmitted to TSA.
B. Following successful initial identity verification, Clear staff members take a digital photo and digital images of all of the applicant's fingerprints and his or her irises and store these images in a member's record in Clear's secure database.
C. An applicant's name and biometrics and other biographical information from the application process are then submitted to the TSA as required. The TSA makes the necessary security threat assessment that will determine if the applicant is cleared for membership in the program. TSA makes this Threat Assessment using a variety of terrorist threat-related databases. TSA does not transmit to Clear or to the airport any information about the applicant or any reasons for its decisions. TSA tells us only that the applicant, having gone through the TSA threat assessment process, has received either an "Approved Security Threat Assessment" or has received a "Not Approved Security Threat Assessment." The TSA's policy is that it will establish an adjudication process for those who are denied enrollment and wish to question that decision. However, the nature and effectiveness of that process is beyond Clear's control. By applying to the program, an applicant is agreeing to this condition. See the TSA Privacy Act Notice provided during enrollment and included at the end of this document. An applicant becomes a member of Clear upon receiving this approval by TSA. Applicants' credit cards are not charged until Clear has received approval of the application from the TSA and the card has been mailed to the applicant.
D. TSA will conduct continuous security reviews of Clear members, which assure that members continue to have cleared status. Clear does not receive the contents of any such reviews; it is informed by TSA only that the member has received approval for continued Clear membership or has not received approval for continued Clear membership.
E. If a member's security review results in a determination by TSA that the member is no longer cleared for membership, within three business days after Clear receives notice from TSA, Clear will notify the member that his or her Clear card and membership is no longer valid. We will provide the member with a pro-rata refund.
2. WHAT WE DO NOT COLLECT
Our system cannot produce any reconstruction of when and where you use the Clear card. Put simply, the system cannot track your movements.
When your Clear card is presented at the Clear lane kiosk, you are also asked to present your biometric — your fingerprint or your iris image — at the kiosk to make sure it matches the biometric embedded in the card. This is our way of making sure that the card actually belongs to you. Then, the unique identifying number embedded in the card is checked against the card revocation list. If approval is granted, the Clear member's entry is authorized. For purposes of real-time maintenance and customer support (e.g., if your card doesn't work, we need to be able to run tests to understand why), we will maintain "log files" of entrances to local venues. However, we purge these records automatically every 24-48 hours: and we have designed our network so that neither we nor any of our subcontractors, can track and record members' activities from location to location. In fact, through the issuance of two separate numbers — the Unique Identifier to verify continued authorization from TSA and a Personal Identification Number to track customer inquiries — Clear has developed a system that addresses customer service inquiries and system maintenance needs while still ensuring the privacy of our members.
If you are using any of our enhanced equipment at the Clear lane, such as the shoe scanner, you may be issued a receipt to show the TSA officer at the lane whether you have been processed by that equipment. For example, the receipt might say that your shoes have been cleared and, therefore, that you do not have to remove them before going through the metal detector. The receipt has your digital photo on it to ensure that you cannot switch it with someone else. But it does not have your name, and the TSA officer who collects the receipts destroys them by the end of each day.
3. INFORMATION SECURITY
Clear and its subcontractors, pursuant to legal agreements, have a comprehensive information security program to ensure the privacy of Clear applicants and members as well as the integrity of our systems. We apply ID's and passwords to insure that access to systems and data is only on a need-to-know basis. We use encryption (a strong data coding process) for all program sensitive data communications. We apply firewalls to guard against outside intruders. We conduct periodic data security audits to check that the rules are being followed. TSA also conducts periodic audits to assure that we comply with their extremely high standards of data security. We have a continuous update process for Anti Virus protection and implement Operating Systems Security updates for our network infrastructure.
4. CONFIDENTIALITY
All members' records in the Clear system, whether in hard copy or in computer systems, are designated as CONFIDENTIAL. Each of our employees, and the employees of our subcontractors handling this information, must pass a background investigation. Once employed, they can examine Clear member records only on a need-to-know basis to provide the service authorized. All employees of Clear and its subcontractors receive Privacy and Fair Information Practices training when they are hired and again if the Policy is changed. Each employee of Clear and its subcontractors signs a Confidentiality Pledge promising to adhere scrupulously to Clear's privacy rules and security procedures, with discipline up to and including dismissal for violations.
5. GOVERNMENT REQUESTS FOR DATA
Besides the information we collect for customer service purposes (for example, your credit card), we only collect information that is requested by the Transportation Security Administration. We send all the information requested by TSA to TSA. Any requests from any law enforcement officials will be directed to TSA. We have no tracking data about members to provide to TSA, only basic identity information, and the biometric images captured at enrollment.
6. STRICT LIMITATIONS ON APPLICANT OR MEMBER DATA
A. We do not sell or give lists or compilations of the personal data of our members to any business or non-profit organization. We do not provide member information to any affiliated or non-affiliated organizations for marketing.
B. Indeed, none of the information that we collect may be used for any purpose outside the operation and maintenance of the Clear Services.
C. We pledge to notify all members by email of any material changes in our privacy policies, so that they can cancel their membership if they so decide.
7. MEMBER ACCESS
A member's Record in the Clear system is a slim file — as already described. However, a member can request a copy of everything that we have in his or her information systems files for the Clear Program identified to the member personally, and we will provide this information.
8. IF THERE IS AN UNAPPROVED SECURITY THREAT ASSESSMENT BY TSA
A. As already noted, we will securely transmit the biographic and biometric information provided to us in the Clear application process to TSA so that it can conduct a Security Threat Assessment during the application process and periodically throughout the duration of the Program.
B. If we are informed that an applicant receives an "Unapproved Security Threat Assessment," we will inform the applicant by e-mail within three (3) days.
C. If we are informed that a member is no longer approved for Clear membership, we will deactivate his or her Clear card and inform the member within three (3) business days of his or her change of status.
9. COMPLIANCE WITH OUR POLICIES
To assure members and potential members that Clear is following its Privacy and Fair Information Practices Policies faithfully, we have adopted five safeguard processes:
A. Annual Privacy Audit.
We have our Chief Privacy Officer conduct a yearly privacy and data security audit, with her report presented to Clear's CEO and its Board of Directors. This Annual Audit, including any problems identified and steps to be taken to resolve those, is made available to Clear members wishing to have this.
B. Independent Auditor.
To provide an independent professional and technical review of Clear's fidelity to its Privacy and Fair Information Practices Policies, including our data security procedures, we have commissioned an annual outside audit from an Independent Public Accounting firm. That professional audit, and our response to it, is available to Clear members and the public who wish to see it. This privacy audit includes audits of any Clear subcontractors who are collecting or maintaining our data.
Clear has put in place what we believe to be strong, effective measures to protect the security of the limited information we collect from members. Because we have implemented these measures and because the public is rightfully concerned about identity theft, we make the following promise to all members: In the highly unlikely event that a member is the victim of identity theft (defined as the taking of a member's personal information so that fraudulent transactions are made in the member's name) that is the result of any unauthorized dissemination by Clear or its subcontractors, or theft from Clear or its subcontractors, of the member's personal data collected by Clear, we will reimburse the member for any otherwise unreimbursable monetary costs directly resulting from such Identity Theft. In addition, Clear will, at its own expense, offer any such member assistance in restoring the integrity of the member's financial or other accounts.
D. Privacy Ombudsman.
Finally, Clear has appointed an independent, outside Privacy Ombudsman, Law Professor Paul Schwartz, noted privacy expert and advocate. He will be identified to members as the person to contact if a member has a privacy complaint or privacy problem with administration of the Clear system or fidelity to our published Privacy Policies. The Independent Privacy Ombudsman is empowered to investigate all privacy complaints, gather the facts, and respond to members, as well as to post responses publicly and prominently on our website. He will also provide Clear's management with recommendations for resolving disputes in keeping with our Privacy promises. TSA will be notified of any suspected or actual privacy breaches or incidents. The Ombudsman can be contacted at www.flyclear.com
E. Notice of Improper Dissemination of Private Information.
Finally, we promise all members that we will notify them promptly as soon as we suspect that any of their private information might have been improperly disseminated, thus triggering their Identity Theft Warranty. TSA will be notified of any suspected or actual privacy breaches or incidents.
++++++++++++++++++
This is the U.S. Transportation Security Administration's Privacy Policy as it relates to the registered traveler Pilot Program. A copy will be distributed to applicants at enrollment.
TSA Privacy Act Statement
Authority: 49 U.S.C. 114 authorizes collection of this information.
Purpose: TSA is collecting this information from all individuals who apply to participate in the Registered Traveler program. TSA will use this information to verify your identity, to conduct and adjudicate a security threat assessment, and, if you are accepted into Registered Traveler, to conduct ongoing security threat assessments and to issue a "smart card" to you that will identify you as a Registered Traveler. Furnishing this information is voluntary. However, failure to provide it may delay or prevent the completion of your security threat assessment, without which you may not be permitted to participate in this program.
Routine Uses: The information will be used by and disclosed to TSA personnel and contractors or other agents who need the information to assist in the operation of Registered Traveler. Additionally, TSA may share this information with airports and airlines to the extent necessary to ensure proper identification, ticketing, security screening, and boarding of Registered Travelers. TSA may disclose information to appropriate law enforcement or other government agencies as necessary to identify and respond to outstanding criminal warrants or potential threats to transportation security. TSA may also disclose information pursuant to its published system of records notice, DHS/TSA 002, Transportation Security Threat Assessment System (T-STAS) and DHS/TSA 015, Registered Traveler Operations Files, both of which were last published in the Federal Register on November 8, 2005, at 70 FR 67731-67736.
Effective as of April 15, 200